last sync: 2023-Jun-06 18:29:21 UTC

Azure Policy definition

Implement cryptographic mechanisms

Name Implement cryptographic mechanisms
Azure Portal
Id 10c3a1b1-29b0-a2d5-8f4c-a284b0f07830
Version 1.1.0
details on versioning
Category Regulatory Compliance
Microsoft docs
Description CMA_C1419 - Implement cryptographic mechanisms
Mode All
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default
Manual
Allowed
Manual, Disabled
RBAC
Role(s)
none
Rule
Aliases
Rule
ResourceTypes
IF (1)
Microsoft.Resources/subscriptions
Compliance The following 5 compliance controls are associated with this Policy definition 'Implement cryptographic mechanisms' (10c3a1b1-29b0-a2d5-8f4c-a284b0f07830)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
FedRAMP_High_R4 MA-4(6) FedRAMP_High_R4_MA-4(6) FedRAMP High MA-4 (6) Maintenance Cryptographic Protection Shared n/a The information system implements cryptographic mechanisms to protect the integrity and confidentiality of nonlocal maintenance and diagnostic communications. Supplemental Guidance: Related controls: SC-8, SC-13. link 1
hipaa 18110.08j1Organizational.5-08.j hipaa-18110.08j1Organizational.5-08.j 18110.08j1Organizational.5-08.j 18 Physical & Environmental Security 18110.08j1Organizational.5-08.j 08.02 Equipment Security Shared n/a The organization monitors and controls non-local maintenance and diagnostic activities; and prohibits non-local system maintenance unless explicitly authorized, in writing, by the CIO or his/her designated representative. 4
NIST_SP_800-53_R4 MA-4(6) NIST_SP_800-53_R4_MA-4(6) NIST SP 800-53 Rev. 4 MA-4 (6) Maintenance Cryptographic Protection Shared n/a The information system implements cryptographic mechanisms to protect the integrity and confidentiality of nonlocal maintenance and diagnostic communications. Supplemental Guidance: Related controls: SC-8, SC-13. link 1
NIST_SP_800-53_R5 MA-4(6) NIST_SP_800-53_R5_MA-4(6) NIST SP 800-53 Rev. 5 MA-4 (6) Maintenance Cryptographic Protection Shared n/a Implement the following cryptographic mechanisms to protect the integrity and confidentiality of nonlocal maintenance and diagnostic communications: [Assignment: organization-defined cryptographic mechanisms]. link 1
PCI_DSS_v4.0 2.2.7 PCI_DSS_v4.0_2.2.7 PCI DSS v4.0 2.2.7 Requirement 02: Apply Secure Configurations to All System Components System components are configured and managed securely Shared n/a All non-console administrative access is encrypted using strong cryptography. link 1
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-09-27 16:35:32 change Minor (1.0.0 > 1.1.0)
2022-09-19 17:41:40 add 10c3a1b1-29b0-a2d5-8f4c-a284b0f07830
Initiatives
usage
Initiative DisplayName Initiative Id Initiative Category State Type
FedRAMP High d5264498-16f4-418a-b659-fa7ef418175f Regulatory Compliance GA BuiltIn
HITRUST/HIPAA a169a624-5599-4385-a696-c8d643089fab Regulatory Compliance GA BuiltIn
NIST SP 800-53 Rev. 4 cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f Regulatory Compliance GA BuiltIn
NIST SP 800-53 Rev. 5 179d1daa-458f-4e47-8086-2a68d0d6c38f Regulatory Compliance GA BuiltIn
PCI DSS v4 c676748e-3af9-4e22-bc28-50feed564afb Regulatory Compliance GA BuiltIn
JSON